Alerts This Week
Warning Icon 1 609
Alerts This Week
Warning Icon 1 609

openSUSE 13.1: openSUSE-SU-2016:1136-1 Important: Chromium Threats Fixed

opensuse
Calendar Grey April 24, 2016
Dist Opensuse Esm H88
Critical update released for Fedora addressing 12 vulnerabilities in Firefox. A vital patch to safeguard your device from potential risks.
An update that fixes 9 vulnerabilities is now available

Description

Chromium was updated to 50.0.2661.75 to fix the following vulnerabilities:

- CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding

- CVE-2016-1652: Universal XSS in extension bindings

- CVE-2016-1653: Out-of-bounds write in V8

- CVE-2016-1654: Uninitialized memory read in media

- CVE-2016-1655: Use-after-free related to extensions

- CVE-2016-1656: Android downloaded file path restriction bypass

- CVE-2016-1657: Address bar spoofing

- CVE-2016-1658: Potential leak of sensitive information to malicious

extensions

- CVE-2016-1659: Various fixes from internal audits, fuzzing and other

initiatives

Topics%20covered

Topics Covered

security advisory software patch important system update threats openSUSE Chromium

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 13.1:

zypper in -t patch 2016-505=1

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 13.1 (i586 x86_64):

chromedriver-50.0.2661.75-144.1

chromedriver-debuginfo-50.0.2661.75-144.1

chromium-50.0.2661.75-144.1

chromium-debuginfo-50.0.2661.75-144.1

chromium-debugsource-50.0.2661.75-144.1

chromium-desktop-gnome-50.0.2661.75-144.1

chromium-desktop-kde-50.0.2661.75-144.1

chromium-ffmpegsumo-50.0.2661.75-144.1

chromium-ffmpegsumo-debuginfo-50.0.2661.75-144.1

References

https://www.suse.com/security/cve/CVE-2016-1651.html

https://www.suse.com/security/cve/CVE-2016-1652.html

https://www.suse.com/security/cve/CVE-2016-1653.html

https://www.suse.com/security/cve/CVE-2016-1654.html

https://www.suse.com/security/cve/CVE-2016-1655.html

https://www.suse.com/security/cve/CVE-2016-1656.html

https://www.suse.com/security/cve/CVE-2016-1657.html

https://www.suse.com/security/cve/CVE-2016-1658.html

https://www.suse.com/security/cve/CVE-2016-1659.html

https://bugzilla.suse.com/975572

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2016:1136-1
Rating: important
Affected Products: openSUSE 13.1 .

Topics%20covered

Topics Covered

security advisory software patch important system update threats openSUSE Chromium

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here